Individual typing style gives key to user authentication
Your typing style is as individual as your fingerprints. Being able to use typing style to identify a change in users could be a vital security and forensic support for organisations such as banks, the military and universities, says QUT PhD researcher Eesa Al Solami.
Mr. Al Solami, from QUT's School of Electrical Engineering and Computer Science has developed an algorithmic system to capture and analyse the keystroke dynamics of keyboard users in a single session to enable user authentication throughout a typing session.
"Researchers have known for decades that people have unique typing styles but until now authentication has relied on the typing of the username and password and comparing it with current data.
"So while current computer systems can authorise the user at the start of a session they do not detect whether the current user is still the initial authorised user, a substitute user, or an intruder pretending to be a valid user.
"This makes a system that can continuously check the identity of the user throughout a session necessary. My research has developed such a system called a continuous authentication system (CAS)."
Mr. Al Solami said his system had the ability to define a new global threshold for any user and so would not be affected by improvements or changes in a user's typing skill.
"It can detect significant changes in typing style for example, differences in the timing between characters," he said.
"The system does not need any predefining models from the username and password to authenticate authorized users. It would be of value in highly sensitive environments such as financial institutions, government organizations and defence.
"Organizations could either terminate session or generate an alert when a change in user is detected."
Mr. Al Solami said the system could be extended to the typing styles on mobiles and tablets.
"It could also be used with online exams to deter collusion during a session," he said.